<!DOCTYPE html>
<html lang="en-us">
  <head>

    <meta http-equiv="content-type" content="text/html; charset=utf-8">
    
<meta charset="UTF-8">
<title>Monitoring settings in Elasticsearch | Elasticsearch Guide [7.7] | Elastic</title>
<link rel="home" href="index.html" title="Elasticsearch Guide [7.7]">
<link rel="up" href="settings.html" title="Configuring Elasticsearch">
<link rel="prev" href="ml-settings.html" title="Machine learning settings in Elasticsearch">
<link rel="next" href="modules-node.html" title="Node">
<meta name="DC.type" content="Learn/Docs/Elasticsearch/Reference/7.7">
<meta name="DC.subject" content="Elasticsearch">
<meta name="DC.identifier" content="7.7">
<meta name="robots" content="noindex,nofollow">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <script src="https://cdn.optimizely.com/js/18132920325.js"></script>
    <link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png">
    <link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png">
    <link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png">
    <link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png">
    <link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png">
    <link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png">
    <link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png">
    <link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png">
    <link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png">
    <link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32">
    <link rel="icon" type="image/png" href="/android-chrome-192x192.png" sizes="192x192">
    <link rel="icon" type="image/png" href="/favicon-96x96.png" sizes="96x96">
    <link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16">
    <link rel="manifest" href="/manifest.json">
    <meta name="apple-mobile-web-app-title" content="Elastic">
    <meta name="application-name" content="Elastic">
    <meta name="msapplication-TileColor" content="#ffffff">
    <meta name="msapplication-TileImage" content="/mstile-144x144.png">
    <meta name="theme-color" content="#ffffff">
    <meta name="naver-site-verification" content="936882c1853b701b3cef3721758d80535413dbfd">
    <meta name="yandex-verification" content="d8a47e95d0972434">
    <meta name="localized" content="true">
    <meta name="st:robots" content="follow,index">
    <meta property="og:image" content="https://www.elastic.co/static/images/elastic-logo-200.png">
    <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
    <link rel="icon" href="/favicon.ico" type="image/x-icon">
    <link rel="apple-touch-icon-precomposed" sizes="64x64" href="/favicon_64x64_16bit.png">
    <link rel="apple-touch-icon-precomposed" sizes="32x32" href="/favicon_32x32.png">
    <link rel="apple-touch-icon-precomposed" sizes="16x16" href="/favicon_16x16.png">
    <!-- Give IE8 a fighting chance -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->
    <link rel="stylesheet" type="text/css" href="/guide/static/styles.css">
  </head>

  <!--© 2015-2021 Elasticsearch B.V. Copying, publishing and/or distributing without written permission is strictly prohibited.-->

  <body>
    <!-- Google Tag Manager -->
    <script>dataLayer = [];</script><noscript><iframe src="//www.googletagmanager.com/ns.html?id=GTM-58RLH5" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
    <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= '//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-58RLH5');</script>
    <!-- End Google Tag Manager -->

    <!-- Global site tag (gtag.js) - Google Analytics -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=UA-12395217-16"></script>
    <script>
      window.dataLayer = window.dataLayer || [];
      function gtag(){dataLayer.push(arguments);}
      gtag('js', new Date());
      gtag('config', 'UA-12395217-16');
    </script>

    <!--BEGIN QUALTRICS WEBSITE FEEDBACK SNIPPET-->
    <script type="text/javascript">
      (function(){var g=function(e,h,f,g){
      this.get=function(a){for(var a=a+"=",c=document.cookie.split(";"),b=0,e=c.length;b<e;b++){for(var d=c[b];" "==d.charAt(0);)d=d.substring(1,d.length);if(0==d.indexOf(a))return d.substring(a.length,d.length)}return null};
      this.set=function(a,c){var b="",b=new Date;b.setTime(b.getTime()+6048E5);b="; expires="+b.toGMTString();document.cookie=a+"="+c+b+"; path=/; "};
      this.check=function(){var a=this.get(f);if(a)a=a.split(":");else if(100!=e)"v"==h&&(e=Math.random()>=e/100?0:100),a=[h,e,0],this.set(f,a.join(":"));else return!0;var c=a[1];if(100==c)return!0;switch(a[0]){case "v":return!1;case "r":return c=a[2]%Math.floor(100/c),a[2]++,this.set(f,a.join(":")),!c}return!0};
      this.go=function(){if(this.check()){var a=document.createElement("script");a.type="text/javascript";a.src=g;document.body&&document.body.appendChild(a)}};
      this.start=function(){var a=this;window.addEventListener?window.addEventListener("load",function(){a.go()},!1):window.attachEvent&&window.attachEvent("onload",function(){a.go()})}};
      try{(new g(100,"r","QSI_S_ZN_emkP0oSe9Qrn7kF","https://znemkp0ose9qrn7kf-elastic.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_emkP0oSe9Qrn7kF")).start()}catch(i){}})();
    </script><div id="ZN_emkP0oSe9Qrn7kF"><!--DO NOT REMOVE-CONTENTS PLACED HERE--></div>
    <!--END WEBSITE FEEDBACK SNIPPET-->

    <div id="elastic-nav" style="display:none;"></div>
    <script src="https://www.elastic.co/elastic-nav.js"></script>

    <!-- Subnav -->
    <div>
      <div>
        <div class="tertiary-nav d-none d-md-block">
          <div class="container">
            <div class="p-t-b-15 d-flex justify-content-between nav-container">
              <div class="breadcrum-wrapper"><span><a href="/guide/" style="font-size: 14px; font-weight: 600; color: #000;">Docs</a></span></div>
            </div>
          </div>
        </div>
      </div>
    </div>

    <div class="main-container">
      <section id="content">
        <div class="content-wrapper">

          <section id="guide" lang="en">
            <div class="container">
              <div class="row">
                <div class="col-xs-12 col-sm-8 col-md-8 guide-section">
                  <!-- start body -->
                  <div class="page_header">
<strong>IMPORTANT</strong>: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
<a href="../current/index.html">current release documentation</a>.
</div>
<div id="content">
<div class="breadcrumbs">
<span class="breadcrumb-link"><a href="index.html">Elasticsearch Guide [7.7]</a></span>
»
<span class="breadcrumb-link"><a href="setup.html">Set up Elasticsearch</a></span>
»
<span class="breadcrumb-link"><a href="settings.html">Configuring Elasticsearch</a></span>
»
<span class="breadcrumb-node">Monitoring settings in Elasticsearch</span>
</div>
<div class="navheader">
<span class="prev">
<a href="ml-settings.html">« Machine learning settings in Elasticsearch</a>
</span>
<span class="next">
<a href="modules-node.html">Node »</a>
</span>
</div>
<div class="section xpack">
<div class="titlepage"><div><div>
<h2 class="title">
<a id="monitoring-settings"></a>Monitoring settings in Elasticsearch<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/monitoring-settings.asciidoc">edit</a><a class="xpack_tag" href="/subscriptions"></a>
</h2>
</div></div></div>

<p>By default, monitoring is enabled but data collection is disabled. To enable
data collection, use the <code class="literal">xpack.monitoring.collection.enabled</code> setting.</p>
<p>You can configure these monitoring settings in the <code class="literal">elasticsearch.yml</code> file. You
can also dynamically set some of these settings using the
<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">cluster update settings API</a>.</p>
<div class="tip admon">
<div class="icon"></div>
<div class="admon_content">
<p>Cluster settings take precedence over settings in the <code class="literal">elasticsearch.yml</code>
file.</p>
</div>
</div>
<p>To adjust how monitoring data is displayed in the monitoring UI, configure
<a href="/guide/en/kibana/7.7/monitoring-settings-kb.html" class="ulink" target="_top"><code class="literal">xpack.monitoring</code> settings</a> in
<code class="literal">kibana.yml</code>. To control how monitoring data is collected from Logstash,
configure monitoring settings in <code class="literal">logstash.yml</code>.</p>
<p>For more information, see <a class="xref" href="monitor-elasticsearch-cluster.html" title="Monitor a cluster">Monitor a cluster</a>.</p>
<h4>
<a id="general-monitoring-settings"></a>General Monitoring Settings<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/monitoring-settings.asciidoc">edit</a>
</h4>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.enabled</code>
</span>
</dt>
<dd>
<p>
Set to <code class="literal">true</code> (default) to enable Elasticsearch X-Pack monitoring for Elasticsearch on the node.
</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>To enable data collection, you must also set <code class="literal">xpack.monitoring.collection.enabled</code>
to <code class="literal">true</code>. Its default value is <code class="literal">false</code>.</p>
</div>
</div>
</dd>
</dl>
</div>
<h4>
<a id="monitoring-collection-settings"></a>Monitoring Collection Settings<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/monitoring-settings.asciidoc">edit</a>
</h4>
<p>The <code class="literal">xpack.monitoring.collection</code> settings control how data is collected from
your Elasticsearch nodes. You can dynamically change all monitoring collection
settings using the <a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">cluster update settings API</a>.</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.enabled</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
<span class="Admonishment Admonishment--change">
[<span class="Admonishment-version u-mono">6.3.0</span>]
<span class="Admonishment-detail">
Added in 6.3.0.
</span>
</span> Set to <code class="literal">true</code> to enable the collection of monitoring data. When
this setting is <code class="literal">false</code> (default), Elasticsearch monitoring data is not collected and
all monitoring data from other sources such as Kibana, Beats, and Logstash is
ignored.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.interval</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
<p>
Setting to <code class="literal">-1</code> to disable data collection is no longer supported beginning with
7.0.0. <span class="Admonishment Admonishment--change">
[<span class="Admonishment-version u-mono u-strikethrough">6.3.0</span>]
<span class="Admonishment-detail">
Deprecated in 6.3.0. Use <code class="literal">xpack.monitoring.collection.enabled</code> set to <code class="literal">false</code> instead.
</span>
</span>
</p>
<p>Controls how often data samples are collected. Defaults to <code class="literal">10s</code>. If you
modify the collection interval, set the <code class="literal">xpack.monitoring.min_interval_seconds</code>
option in <code class="literal">kibana.yml</code> to the same value.</p>
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.elasticsearch.collection.enabled</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
Controls whether statistics about your Elasticsearch cluster should be collected. Defaults to <code class="literal">true</code>.
This is different from xpack.monitoring.collection.enabled, which allows you to enable or disable
all monitoring collection. However, this setting simply disables the collection of Elasticsearch
data while still allowing other data (e.g., Kibana, Logstash, Beats, or APM Server monitoring data)
to pass through this cluster.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.cluster.stats.timeout</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Timeout for collecting the cluster statistics. Defaults to <code class="literal">10s</code>.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.node.stats.timeout</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Timeout for collecting the node statistics. Defaults to <code class="literal">10s</code>.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.indices</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
Controls which indices Monitoring collects data from. Defaults to all indices. Specify the index names
as a comma-separated list, for example <code class="literal">test1,test2,test3</code>. Names can include wildcards, for
example <code class="literal">test*</code>. You can explicitly exclude indices by prepending <code class="literal">-</code>. For example <code class="literal">test*,-test3</code> will
monitor all indexes that start with <code class="literal">test</code> except for <code class="literal">test3</code>. System indices like .security* or .kibana*
always start with a <code class="literal">.</code>, and generally should be monitored. Consider adding <code class="literal">.*</code> to the list of indices
ensure monitoring of system indices. For example <code class="literal">.*,test*,-test3</code>
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.index.stats.timeout</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Timeout for collecting index statistics. Defaults to <code class="literal">10s</code>.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.index.recovery.active_only</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
Controls whether or not all recoveries are collected. Set to <code class="literal">true</code> to
collect only active recoveries. Defaults to <code class="literal">false</code>.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.collection.index.recovery.timeout</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Timeout for collecting the recovery information. Defaults to <code class="literal">10s</code>.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.history.duration</code> (<a class="xref" href="cluster-update-settings.html" title="Cluster update settings API">Dynamic</a>)
</span>
</dt>
<dd>
<p>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Retention duration beyond which the indices created by a Monitoring
exporter are automatically deleted. Defaults to <code class="literal">7d</code> (7 days).
</p>
<p>This setting has a minimum value of <code class="literal">1d</code> (1 day) to ensure that something is
being monitored, and it cannot be disabled.</p>
<div class="important admon">
<div class="icon"></div>
<div class="admon_content">
<p>This setting currently only impacts <code class="literal">local</code>-type exporters. Indices created using
the <code class="literal">http</code> exporter will not be deleted automatically.</p>
</div>
</div>
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters</code>
</span>
</dt>
<dd>
Configures where the agent stores monitoring data. By default, the agent uses a
local exporter that indexes monitoring data on the cluster where it is installed.
Use an HTTP exporter to send data to a separate monitoring cluster. For more
information, see <a class="xref" href="monitoring-settings.html#local-exporter-settings" title="Local Exporter Settings">Local exporter settings</a>,
<a class="xref" href="monitoring-settings.html#http-exporter-settings" title="HTTP Exporter Settings">HTTP exporter settings</a>, and
<a class="xref" href="how-monitoring-works.html" title="How monitoring works"><em>How it works</em></a>.
</dd>
</dl>
</div>
<h4>
<a id="local-exporter-settings"></a>Local Exporter Settings<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/monitoring-settings.asciidoc">edit</a>
</h4>
<p>The <code class="literal">local</code> exporter is the default exporter used by Monitoring. As the name is
meant to imply, it exports data to the <em>local</em> cluster, which means that there
is not much needed to be configured.</p>
<p>If you do not supply <em>any</em> exporters, then Monitoring will automatically create
one for you. If any exporter is provided, then no default is added.</p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">xpack.monitoring.exporters.my_local:
  type: local</pre>
</div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">type</code>
</span>
</dt>
<dd>
The value for a Local exporter must always be <code class="literal">local</code> and it is required.
</dd>
<dt>
<span class="term">
<code class="literal">use_ingest</code>
</span>
</dt>
<dd>
Whether to supply a placeholder pipeline to the cluster and a pipeline processor with
every bulk request. The default value is <code class="literal">true</code>. If disabled, then it means that it will not
use pipelines, which means that a future release cannot automatically upgrade bulk requests
to future-proof them.
</dd>
<dt>
<span class="term">
<code class="literal">cluster_alerts.management.enabled</code>
</span>
</dt>
<dd>
Whether to create cluster alerts for this cluster. The default value is <code class="literal">true</code>.
To use this feature, Watcher must be enabled.  If you have a basic license,
cluster alerts are not displayed.
</dd>
</dl>
</div>
<h4>
<a id="http-exporter-settings"></a>HTTP Exporter Settings<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/monitoring-settings.asciidoc">edit</a>
</h4>
<p>The following lists settings that can be supplied with the <code class="literal">http</code> exporter.
All settings are shown as what follows the name you select for your exporter:</p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">xpack.monitoring.exporters.my_remote:
  type: http
  host: ["host:port", ...]</pre>
</div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">type</code>
</span>
</dt>
<dd>
The value for an HTTP exporter must always be <code class="literal">http</code> and it is required.
</dd>
<dt>
<span class="term">
<code class="literal">host</code>
</span>
</dt>
<dd>
<p>
Host supports multiple formats, both as an array or as a single value. Supported formats include
<code class="literal">hostname</code>, <code class="literal">hostname:port</code>, <code class="literal">http://hostname</code> <code class="literal">http://hostname:port</code>, <code class="literal">https://hostname</code>, and
<code class="literal">https://hostname:port</code>. Hosts cannot be assumed. The default scheme is always <code class="literal">http</code> and the default
port is always <code class="literal">9200</code> if not supplied as part of the <code class="literal">host</code> string.
</p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">xpack.monitoring.exporters:
  example1:
    type: http
    host: "10.1.2.3"
  example2:
    type: http
    host: ["http://10.1.2.4"]
  example3:
    type: http
    host: ["10.1.2.5", "10.1.2.6"]
  example4:
    type: http
    host: ["https://10.1.2.3:9200"]</pre>
</div>
</dd>
<dt>
<span class="term">
<code class="literal">auth.username</code>
</span>
</dt>
<dd>
The username is required if <code class="literal">auth.secure_password</code> or <code class="literal">auth.password</code> is supplied.
</dd>
<dt>
<span class="term">
<code class="literal">auth.secure_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>, <a class="xref" href="secure-settings.html#reloadable-secure-settings" title="Reloadable secure settings">reloadable</a>)
</span>
</dt>
<dd>
The password for the <code class="literal">auth.username</code>. Takes precedence over <code class="literal">auth.password</code> if it is also specified.
</dd>
<dt>
<span class="term">
<code class="literal">auth.password</code>
</span>
</dt>
<dd>
The password for the <code class="literal">auth.username</code>. If <code class="literal">auth.secure_password</code> is also specified, this setting is ignored.
</dd>
</dl>
</div>
<div class="warning admon">
<div class="icon"></div>
<div class="admon_content">
<h3>Deprecated in 7.7.0.</h3>
<p>Use <code class="literal">auth.secure_password</code> instead.</p>
</div>
</div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">connection.timeout</code>
</span>
</dt>
<dd>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Amount of time that the HTTP connection is supposed to wait for a socket to open for the
request. The default value is <code class="literal">6s</code>.
</dd>
<dt>
<span class="term">
<code class="literal">connection.read_timeout</code>
</span>
</dt>
<dd>
(<a class="xref" href="common-options.html#time-units" title="Time units">time value</a>) Amount of time that the HTTP connection is supposed to wait for a socket to
send back a response. The default value is <code class="literal">10 * connection.timeout</code> (<code class="literal">60s</code> if neither are set).
</dd>
<dt>
<span class="term">
<code class="literal">ssl</code>
</span>
</dt>
<dd>
Each HTTP exporter can define its own TLS / SSL settings or inherit them. See the
<a class="xref" href="monitoring-settings.html#ssl-monitoring-settings" title="X-Pack monitoring TLS/SSL settings">TLS / SSL section below</a>.
</dd>
<dt>
<span class="term">
<code class="literal">proxy.base_path</code>
</span>
</dt>
<dd>
The base path to prefix any outgoing request, such as <code class="literal">/base/path</code> (e.g., bulk requests would
then be sent as <code class="literal">/base/path/_bulk</code>). There is no default value.
</dd>
<dt>
<span class="term">
<code class="literal">headers</code>
</span>
</dt>
<dd>
<p>
Optional headers that are added to every request, which can assist with routing requests through
proxies.
</p>
<div class="pre_wrapper lang-yaml">
<pre class="programlisting prettyprint lang-yaml">xpack.monitoring.exporters.my_remote:
  headers:
    X-My-Array: [abc, def, xyz]
    X-My-Header: abc123</pre>
</div>
<p>Array-based headers are sent <code class="literal">n</code> times where <code class="literal">n</code> is the size of the array. <code class="literal">Content-Type</code>
and <code class="literal">Content-Length</code> cannot be set. Any headers created by the Monitoring agent will override
anything defined here.</p>
</dd>
<dt>
<span class="term">
<code class="literal">index.name.time_format</code>
</span>
</dt>
<dd>
A mechanism for changing the default date suffix for the, by default, daily Monitoring indices.
The default value is <code class="literal">yyyy.MM.dd</code>, which is why the indices are created daily.
</dd>
<dt>
<span class="term">
<code class="literal">use_ingest</code>
</span>
</dt>
<dd>
Whether to supply a placeholder pipeline to the monitoring cluster and a pipeline processor with
every bulk request. The default value is <code class="literal">true</code>. If disabled, then it means that it will not
use pipelines, which means that a future release cannot automatically upgrade bulk requests
to future-proof them.
</dd>
<dt>
<span class="term">
<code class="literal">cluster_alerts.management.enabled</code>
</span>
</dt>
<dd>
Whether to create cluster alerts for this cluster. The default value is <code class="literal">true</code>.
To use this feature, Watcher must be enabled.  If you have a basic license,
cluster alerts are not displayed.
</dd>
<dt>
<span class="term">
<code class="literal">cluster_alerts.management.blacklist</code>
</span>
</dt>
<dd>
<p>
Prevents the creation of specific cluster alerts. It also removes any applicable
watches that already exist in the current cluster.
</p>
<p>You can add any of the following watch identifiers to the list of blocked alerts:</p>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
<code class="literal">elasticsearch_cluster_status</code>
</li>
<li class="listitem">
<code class="literal">elasticsearch_version_mismatch</code>
</li>
<li class="listitem">
<code class="literal">elasticsearch_nodes</code>
</li>
<li class="listitem">
<code class="literal">kibana_version_mismatch</code>
</li>
<li class="listitem">
<code class="literal">logstash_version_mismatch</code>
</li>
<li class="listitem">
<code class="literal">xpack_license_expiration</code>
</li>
</ul>
</div>
<p>For example: <code class="literal">["elasticsearch_version_mismatch","xpack_license_expiration"]</code>.</p>
</dd>
</dl>
</div>
<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="ssl-monitoring-settings"></a>X-Pack monitoring TLS/SSL settings<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/ssl-settings.asciidoc">edit</a>
</h3>
</div></div></div>
<p>You can configure the following TLS/SSL settings.</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.supported_protocols</code>
</span>
</dt>
<dd>
<p>
Supported protocols with versions. Valid protocols: <code class="literal">SSLv2Hello</code>,
<code class="literal">SSLv3</code>, <code class="literal">TLSv1</code>, <code class="literal">TLSv1.1</code>, <code class="literal">TLSv1.2</code>, <code class="literal">TLSv1.3</code>. If the JVM’s SSL provider supports TLSv1.3,
the default is <code class="literal">TLSv1.3,TLSv1.2,TLSv1.1</code>. Otherwise, the default is
<code class="literal">TLSv1.2,TLSv1.1</code>.
</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>If <code class="literal">xpack.security.fips_mode.enabled</code> is <code class="literal">true</code>, you cannot use <code class="literal">SSLv2Hello</code>
or <code class="literal">SSLv3</code>. See <a class="xref" href="fips-140-compliance.html" title="FIPS 140-2">FIPS 140-2</a>.</p>
</div>
</div>
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.verification_mode</code>
</span>
</dt>
<dd>
<p>
Controls the verification of certificates.
Valid values are:
</p>
<div class="ulist itemizedlist">
<ul class="itemizedlist">
<li class="listitem">
<code class="literal">full</code>, which verifies that the provided certificate is signed by a trusted
authority (CA) and also verifies that the server’s hostname (or IP address)
matches the names identified within the certificate.
</li>
<li class="listitem">
<code class="literal">certificate</code>, which verifies that the provided certificate is signed by a
trusted authority (CA), but does not perform any hostname verification.
</li>
<li class="listitem">
<p><code class="literal">none</code>, which performs <em>no verification</em> of the server’s certificate. This
mode disables many of the security benefits of SSL/TLS and should only be used
after very careful consideration. It is primarily intended as a temporary
diagnostic mechanism when attempting to resolve TLS errors; its use on
production clusters is strongly discouraged.</p>
<p>The default value is <code class="literal">full</code>.</p>
</li>
</ul>
</div>
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.cipher_suites</code>
</span>
</dt>
<dd>
<p>
Supported cipher suites vary depending on which version of Java you use. For
example, for version 11 the default value is <code class="literal">TLS_AES_256_GCM_SHA384</code>,
<code class="literal">TLS_AES_128_GCM_SHA256</code>, <code class="literal">TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</code>,
<code class="literal">TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</code>, <code class="literal">TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</code>,
<code class="literal">TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</code>, <code class="literal">TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</code>,
<code class="literal">TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</code>, <code class="literal">TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</code>,
<code class="literal">TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</code>, <code class="literal">TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</code>,
<code class="literal">TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</code>, <code class="literal">TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</code>,
<code class="literal">TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</code>, <code class="literal">TLS_RSA_WITH_AES_256_GCM_SHA384</code>,
<code class="literal">TLS_RSA_WITH_AES_128_GCM_SHA256</code>, <code class="literal">TLS_RSA_WITH_AES_256_CBC_SHA256</code>,
<code class="literal">TLS_RSA_WITH_AES_128_CBC_SHA256</code>, <code class="literal">TLS_RSA_WITH_AES_256_CBC_SHA</code>,
<code class="literal">TLS_RSA_WITH_AES_128_CBC_SHA</code>.
</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>The default cipher suites list above includes TLSv1.3 ciphers and ciphers
that require the <em>Java Cryptography Extension (JCE) Unlimited Strength
Jurisdiction Policy Files</em> for 256-bit AES encryption. If TLSv1.3 is not
available, the TLSv1.3 ciphers <code class="literal">TLS_AES_256_GCM_SHA384</code> and
<code class="literal">TLS_AES_128_GCM_SHA256</code> are not included in the default list. If 256-bit AES is
unavailable, ciphers with <code class="literal">AES_256</code> in their names are not included in the
default list. Finally, AES GCM has known performance issues in Java versions
prior to 11 and is included in the default list only when using Java 11 or above.</p>
</div>
</div>
<p>For more information, see Oracle’s
<a href="https://docs.oracle.com/en/java/javase/11/security/oracle-providers.html#GUID-7093246A-31A3-4304-AC5F-5FB6400405E2" class="ulink" target="_top">Java Cryptography Architecture documentation</a>.</p>
</dd>
</dl>
</div>
<div class="section">
<div class="titlepage"><div><div>
<h4 class="title">
<a id="monitoring-tls-ssl-key-trusted-certificate-settings"></a>X-Pack monitoring TLS/SSL key and trusted certificate settings<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/ssl-settings.asciidoc">edit</a>
</h4>
</div></div></div>
<p>The following settings are used to specify a private key, certificate, and the
trusted certificates that should be used when communicating over an SSL/TLS connection.
A private key and certificate are optional and would be used if the server requires client authentication for PKI
authentication.</p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h4 class="title">
<a id="_pem_encoded_files"></a>PEM encoded files<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/ssl-settings.asciidoc">edit</a>
</h4>
</div></div></div>
<p>When using PEM encoded files, use the following settings:</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.key</code>
</span>
</dt>
<dd>
Path to a PEM encoded file containing the private key.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.key_passphrase</code>
</span>
</dt>
<dd>
The passphrase that is used to decrypt the private key. Since the key might not
be encrypted, this value is optional.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.secure_key_passphrase</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
The passphrase that is used to decrypt the private key. Since the key might not
be encrypted, this value is optional.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.certificate</code>
</span>
</dt>
<dd>
Specifies the path for the PEM encoded certificate (or certificate chain) that is
associated with the key.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.certificate_authorities</code>
</span>
</dt>
<dd>
List of paths to PEM encoded certificate files that should be trusted.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h4 class="title">
<a id="_java_keystore_files"></a>Java keystore files<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/ssl-settings.asciidoc">edit</a>
</h4>
</div></div></div>
<p>When using Java keystore files (JKS), which contain the private key, certificate
and certificates that should be trusted, use the following settings:</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.path</code>
</span>
</dt>
<dd>
The path for the keystore file that contains a private key and certificate.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.password</code>
</span>
</dt>
<dd>
The password for the keystore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.secure_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
The password for the keystore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.key_password</code>
</span>
</dt>
<dd>
The password for the key in the keystore. The default is the keystore password.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.secure_key_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
The password for the key in the keystore. The default is the keystore password.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.path</code>
</span>
</dt>
<dd>
The path for the keystore that contains the certificates to trust. It must be
either a Java keystore (jks) or a PKCS#12 file.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.password</code>
</span>
</dt>
<dd>
The password for the truststore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.secure_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
Password for the truststore.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h4 class="title">
<a id="monitoring-pkcs12-files"></a>PKCS#12 files<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/ssl-settings.asciidoc">edit</a>
</h4>
</div></div></div>
<p>Elasticsearch can be configured to use PKCS#12 container files (<code class="literal">.p12</code> or <code class="literal">.pfx</code> files)
that contain the private key, certificate and certificates that should be trusted.</p>
<p>PKCS#12 files are configured in the same way as Java keystore files:</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.path</code>
</span>
</dt>
<dd>
The path for the keystore file that contains a private key and certificate.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.type</code>
</span>
</dt>
<dd>
The format of the keystore file. It must be either <code class="literal">jks</code> or <code class="literal">PKCS12</code>. If the
keystore path ends in ".p12", ".pfx", or ".pkcs12", this setting defaults
to <code class="literal">PKCS12</code>. Otherwise, it defaults to <code class="literal">jks</code>.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.password</code>
</span>
</dt>
<dd>
The password for the keystore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.secure_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
The password for the keystore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.key_password</code>
</span>
</dt>
<dd>
The password for the key in the keystore. The default is the keystore password.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.keystore.secure_key_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
The password for the key in the keystore. The default is the keystore password.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.path</code>
</span>
</dt>
<dd>
The path for the keystore that contains the certificates to trust. It must be
either a Java keystore (jks) or a PKCS#12 file.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.type</code>
</span>
</dt>
<dd>
Set this to <code class="literal">PKCS12</code> to indicate that the truststore is a PKCS#12 file.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.password</code>
</span>
</dt>
<dd>
The password for the truststore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.ssl.truststore.secure_password</code> (<a class="xref" href="secure-settings.html" title="Secure settings">Secure</a>)
</span>
</dt>
<dd>
Password for the truststore.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h4 class="title">
<a id="monitoring-pkcs11-tokens"></a>PKCS#11 tokens<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/docs/reference/settings/ssl-settings.asciidoc">edit</a>
</h4>
</div></div></div>
<p>Elasticsearch can be configured to use a PKCS#11 token that contains the private key,
certificate and certificates that should be trusted.</p>
<p>PKCS#11 token require additional configuration on the JVM level and can be enabled
via the following settings:</p>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.keystore.type</code>
</span>
</dt>
<dd>
Set this to <code class="literal">PKCS11</code> to indicate that the PKCS#11 token should be used as a keystore.
</dd>
<dt>
<span class="term">
<code class="literal">xpack.monitoring.exporters.$NAME.truststore.type</code>
</span>
</dt>
<dd>
The format of the truststore file. For the Java keystore format, use <code class="literal">jks</code>. For
PKCS#12 files, use <code class="literal">PKCS12</code>. For a PKCS#11 token, use <code class="literal">PKCS11</code>. The default is
<code class="literal">jks</code>.
</dd>
</dl>
</div>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>When configuring the PKCS#11 token that your JVM is configured to use as
a keystore or a truststore for Elasticsearch, the PIN for the token can be
configured by setting the appropriate value to <code class="literal">ssl.truststore.password</code>
or <code class="literal">ssl.truststore.secure_password</code> in the context that you are configuring.
Since there can only be one PKCS#11 token configured, only one keystore and
truststore will be usable for configuration in Elasticsearch. This in turn means
that only one certificate can be used for TLS both in the transport and the
http layer.</p>
</div>
</div>
</div>

</div>

</div>
<div class="navfooter">
<span class="prev">
<a href="ml-settings.html">« Machine learning settings in Elasticsearch</a>
</span>
<span class="next">
<a href="modules-node.html">Node »</a>
</span>
</div>
</div>

                  <!-- end body -->
                </div>
                <div class="col-xs-12 col-sm-4 col-md-4" id="right_col">
                  <div id="rtpcontainer" style="display: block;">
                    <div class="mktg-promo">
                      <h3>Most Popular</h3>
                      <ul class="icons">
                        <li class="icon-elasticsearch-white"><a href="https://www.elastic.co/webinars/getting-started-elasticsearch?baymax=default&amp;elektra=docs&amp;storm=top-video">Get Started with Elasticsearch: Video</a></li>
                        <li class="icon-kibana-white"><a href="https://www.elastic.co/webinars/getting-started-kibana?baymax=default&amp;elektra=docs&amp;storm=top-video">Intro to Kibana: Video</a></li>
                        <li class="icon-logstash-white"><a href="https://www.elastic.co/webinars/introduction-elk-stack?baymax=default&amp;elektra=docs&amp;storm=top-video">ELK for Logs &amp; Metrics: Video</a></li>
                      </ul>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </section>

        </div>


<div id="elastic-footer"></div>
<script src="https://www.elastic.co/elastic-footer.js"></script>
<!-- Footer Section end-->

      </section>
    </div>

<script src="/guide/static/jquery.js"></script>
<script type="text/javascript" src="/guide/static/docs.js"></script>
<script type="text/javascript">
  window.initial_state = {}</script>
  </body>
</html>
